Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Tag: cwe-829 Clear
ID Title
CVE-2026-58116 Code Injection in hiyouga (CVE-2026-58116)
code injection in hiyouga (CVE-2026-58116). Successful exploitation can lead to full system takeover.
CVE-2026-54325 Vulnerability in @earendil-works/pi-coding-agent (CVE-2026-54325)
vulnerability in @earendil-works/pi-coding-agent (CVE-2026-54325). Risk of unauthorized operations or information disclosure. Exploitable via ``project_trust``. Mitigation: upgrade to `0.79.0` or later.
CVE-2026-12057 Vulnerability in foxit (CVE-2026-12057)
vulnerability in foxit (CVE-2026-12057). Successful exploitation can lead to full system takeover.
CVE-2026-52858 Code Injection in vim (CVE-2026-52858)
code injection in vim (CVE-2026-52858). Successful exploitation can lead to full system takeover.
CVE-2026-46529 Command Injection in c (CVE-2026-46529)
command injection in c (CVE-2026-46529). Successful exploitation can lead to full system takeover. Exploitable via ``g_shell_quote``. Mitigation: upgrade to `1.6.2` or later.
CVE-2026-8879 Vulnerability in securly (CVE-2026-8879)
vulnerability in securly (CVE-2026-8879). Risk of unauthorized operations or information disclosure.
CVE-2026-5241 Vulnerability in huggingface (CVE-2026-5241)
vulnerability in huggingface (CVE-2026-5241). Successful exploitation can lead to full system takeover. Exploitable via ``trust_remote_code``.
CVE-2026-44358 Vulnerability in CVE-2026-44358 (CVE-2026-44358)
vulnerability in CVE-2026-44358 (CVE-2026-44358). Data can be tampered with by attackers. Mitigation: upgrade to `1.0.1` or later.
CVE-2026-5817 Vulnerability in docker (CVE-2026-5817)
vulnerability in docker (CVE-2026-5817). Successful exploitation can lead to full system takeover.
CVE-2026-5843 Vulnerability in docker (CVE-2026-5843)
vulnerability in docker (CVE-2026-5843). Successful exploitation can lead to full system takeover.
CVE-2026-8428 Cross-Site Request Forgery (CSRF) in concrete5/concrete5 (CVE-2026-8428)
vulnerability in concrete5/concrete5 (CVE-2026-8428). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-8426 Cross-Site Request Forgery (CSRF) in concrete5/concrete5 (CVE-2026-8426)
vulnerability in concrete5/concrete5 (CVE-2026-8426). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-43999 Authorization Flaw in vm2 (CVE-2026-43999)
vulnerability in vm2 (CVE-2026-43999). Successful exploitation can lead to full system takeover. Exploitable via ``builtin``. Mitigation: upgrade to `3.11.0` or later.
CVE-2026-44336 Vulnerability in praison (CVE-2026-44336)
vulnerability in praison (CVE-2026-44336). Successful exploitation can lead to full system takeover. Exploitable via ``praisonai.rules.create``.
CVE-2026-43944 Vulnerability in electerm (CVE-2026-43944)
vulnerability in electerm (CVE-2026-43944). Successful exploitation can lead to full system takeover. Exploitable via ``opts``. Mitigation: upgrade to `> 3.8.8` or later.
CVE-2026-43940 Path Traversal in electerm (CVE-2026-43940)
path traversal in electerm (CVE-2026-43940). Successful exploitation can lead to full system takeover. Exploitable via ``runWidget``. Mitigation: upgrade to `3.7.16` or later.
CVE-2026-44312 Vulnerability in css_parser (CVE-2026-44312)
vulnerability in css_parser (CVE-2026-44312). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.22.0` or later.
CVE-2026-43003 OS Command Injection in ironic-python-agent (CVE-2026-43003)
OS command injection in ironic-python-agent (CVE-2026-43003). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `11.6.0` or later.
CVE-2026-6859 Vulnerability in redhat (CVE-2026-6859)
vulnerability in redhat (CVE-2026-6859). Successful exploitation can lead to full system takeover. Exploitable via ``linux_train.py``.
CVE-2026-41253 Vulnerability in c (CVE-2026-41253)
vulnerability in c (CVE-2026-41253). Confidential information can be exposed externally.
CVE-2025-70974 Vulnerability in CVE-2025-70974 (CVE-2025-70974)
vulnerability in CVE-2025-70974 (CVE-2025-70974). Successful exploitation can lead to full system takeover.
CVE-2025-11023 Vulnerability in CVE-2025-11023 (CVE-2025-11023)
vulnerability in CVE-2025-11023 (CVE-2025-11023). Successful exploitation can lead to full system takeover.
CVE-2017-6381 Vulnerability in drupal (CVE-2017-6381)
vulnerability in drupal (CVE-2017-6381). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →